Category Archives: General Security

Welcome! Please comment and leave me a note telling me what you like and what you'd like to see more of. Sign up to my RSS Feed!

Today’s blog is about what must be the single most disconcerting events of the last year. In continuation of the Putin vs. Stoltenberg, it was announced today that

NATO bolsters Eastern Europe against Russia

Before we begin, and for the record: I do not particularly like Putin. Happening to know more about his past than the average person would, I think there are plenty of reasons to dislike his actions.

That said, the announcement that

Nato is to bolster the alliance’s military presence in Eastern Europe…Six bases are being set up and a 5,000-strong “spearhead” force established. (BBC News)

Is very dangerous.

While the free (western) world see Russia as a criminal state, taking over the Crimea and arming rebels/sending fighter to the Ukraine, I think some clarification is in order.

Russia has three issues with the West:

Simply put, Russia was stunned (and is upset) that when the Warsaw Pact collapsed, NATO did not disband as well. After all, NATO was established to defend the west from the threat of Russian aggression.

Second, since the collapse of the Soviet Union, several countries that were a member of the Warsaw Pact have joined NATO. Russia sees that as a dangerous encroachment on its traditional belief that the countries around Russia are seen as the ‘near abroad’. This view effects its prior views on the Ukraine, Georgia, Armenia, etc. In fact, the ‘Rus’ in Russia is from the name of the tribes which once resided in and around Kiev, today in the Ukraine.

Finally, and still very fresh in the mind of Russian, is the Great Patriotic War (aka World War II). Russia lost millions of its sons and daughters to that war, and was one of the Allies. While Ukraine, and its people, mostly gladly joined the Germans, and even volunteered to serve in the infamous SS. So, how come the West is siding with the enemy?

Most would agree that a force of 5,000 people, as in the NATO declaration of today, would not be a really meaningful deterrence to Russia. While reassuring countries like Latvia and Lithuania, I suspect that this move will generate great consternation and immediate counter-action by Russia.

What we should be doing is lowering the flames, not raising them. In fact, if we do it smartly, it will pull some wind out of Putin’s sails internally.

Yesterday’s blog entry talked about the US President’s call for legislation to enable more sharing between Private industry and the Government of certain Cybersecurity events.

Today’s entry will analyze the proposal and attempt to clarify some of the language. The original text below is taken from the Whitehouse.gov website.

CYBERSECURITY INFORMATION SHARING LEGISLATION

Sec. 101. Purpose.

This section states that the purpose of the legislation is to codify mechanisms for enabling cybersecurity information sharing between private and government entities, as well as among private entities, to better protect information systems and more effectively respond to cybersecurity incidents.

Comment: There are actually two different targets here: The first, to allow Private industry to government sharing (more on this later); the second to allow sharing among Private Industry – including trade associations, competitors, and others.

malicious reconnaissance, including communications that reasonably appear to be transmitted for the purpose of gathering technical information related to a cyber threat;

a method of defeating a technical or operational control;

a technical vulnerability;

a method of causing a user with legitimate access to an information system or information that is stored on, processed by, or transiting an information system inadvertently to enable the defeat of a technical control or an operational control;

malicious cyber command and control;

any combination of (1)-(5).

B) from which reasonable efforts have been made to remove information that can be used to identify specific persons reasonably believed to be unrelated to the cyber threat ”

Comment: This is the standard ‘definitions’ section that most bills nowadays must have. However, please note the following:

Included is ‘malicious reconnaissance’. This is a term of the Art used to imply discretion as far as guessing the ‘intent’ of the network traffic. In my experience, this could be a ‘slippery slope’, especially when used together with the word ‘government’ in the same bill.

The second point, ‘defeating…a control’ is a major ‘slippery slope’. Would people who root Android be reported? What about people who download movies from YouTube? I believe that this clause has to be substantially honed.

Point number 4 I also find worrisome. The word ‘inadvertently’ together with the concepts below would create a whole lot of notifications about people who ‘inadvertently’ allowed the defeat of controls, and still get reported to the US Government. Not a good place to be.